CATEGORY: Cybersecurity and
18.0 – Physical Security
Well, most people think about bars, locks, alarms and uniformed guards when they think about security. While these countermeasures are by no means the only protections that need to be considered when trying to protect an information system, they are definitely the logical place to start. Physical security is an important part of any security plan and […]
17.4 – Tools & Techniques
Hackers want to compromise computers and networks to steal confidential data from enterprises through sophisticated malware. According to Gartner, a technology research firm, an “Enterprise can be protected … against targeted attacks” in five different ways. The report also suggests linking at least two of them together for best results. Let us see all these […]
17.3 – Vulnerability Prevention
In this section, we’ll look at the top five common vulnerability prevention techniques and provide tips on how an enterprise can fix such issues and combat attacks that try to exploit them. Authentication and access control: One of the greatest areas of concern is that usually passwords are shared among websites through a single set […]
17.2 – Security Testing Frameworks
There are several security testing frameworks being used by security inspectors for technical control assessment. The most common security testing frameworks are: Open Source Security Testing Methodology Manual (OSSTMM); Information Systems Security Assessment Framework (ISSAF); NIST 800-115; Open Web Application Security Project (OWASP). All these frameworks provide a detailed, process-oriented way in which to implement a […]
17.1 – Vulnerability Assessment & Risk Analysis
Vulnerability assessment is an important subtask of risk analysis. Vulnerability assessment is designed as a tool which detects real risks on resources, using strong but neutral procedures, and sometimes suggests necessary fixes, for the overall safety of critical assets which, if destroyed or degraded, could cause operational failures over an extended period of time. […]






